Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/c45e69-fd97-4c4f-b663-84146079d0b9/1/S6-qPcgic8CK7KM076XQkaYXmS4.roa
File: S6-qPcgic8CK7KM076XQkaYXmS4.roa (raw, json)
Hash identifier: Me4M6JC91kloh+CR7DpZMyjKRd0aJvuiKji8S2jI5K4=
Subject key identifier: 4B:AF:AA:3D:C8:22:73:C0:8A:EC:A3:34:EF:A5:D0:91:A6:17:99:2E
Certificate issuer: /CN=a244a5c22bb0d1b72edbbedfd5a7b2607922334a
Certificate serial: 018570675577D960ACF4513F0FF9934A5574
Authority key identifier: A2:44:A5:C2:2B:B0:D1:B7:2E:DB:BE:DF:D5:A7:B2:60:79:22:33:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/okSlwiuw0bcu277f1aeyYHkiM0o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/c45e69-fd97-4c4f-b663-84146079d0b9/1/S6-qPcgic8CK7KM076XQkaYXmS4.roa
Signing time: Mon 02 Jan 2023 02:54:58 +0000
ROA not before: Mon 02 Jan 2023 02:54:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43594
IP address blocks: 95.215.124.0/24 maxlen: 24
95.215.125.0/24 maxlen: 24
95.215.124.0/22 maxlen: 22
95.215.126.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:67:55:77:d9:60:ac:f4:51:3f:0f:f9:93:4a:55:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a244a5c22bb0d1b72edbbedfd5a7b2607922334a
Validity
Not Before: Jan 2 02:54:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4bafaa3dc82273c08aeca334efa5d091a617992e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:20:c2:c4:0f:17:44:6f:51:42:52:89:3c:ad:
1f:fb:3b:70:78:d7:f8:00:a0:24:69:27:4d:64:6a:
70:a1:7f:8a:95:df:45:96:0e:ec:a5:fb:49:46:a0:
6b:54:9c:4b:1d:67:2a:92:b6:af:d6:38:c3:2a:16:
90:66:a0:f5:58:73:b7:12:9c:cd:61:14:09:82:da:
87:af:da:d6:c0:b4:57:7e:83:1f:93:a0:6c:c7:a7:
29:74:a5:68:78:44:00:87:b0:cd:b0:5c:98:89:cf:
01:fb:65:cb:cb:81:a9:04:37:58:06:89:b7:04:9d:
d2:df:29:4a:47:f4:84:28:0b:0e:be:f4:d3:8d:7b:
41:ab:d8:d3:0a:3e:8f:a2:21:d6:8a:46:b5:a9:94:
67:31:19:b0:f8:6d:ce:45:87:b2:92:ca:bc:f5:44:
05:b0:a5:bd:2f:12:c9:cd:f6:9e:d1:ef:bb:4b:54:
e3:39:52:82:41:f5:34:64:98:7b:9a:c1:3e:cf:92:
76:05:bc:0d:9b:10:0b:53:fc:88:1c:22:ca:4e:1e:
fd:88:59:4b:97:aa:0d:30:d1:e6:17:20:cc:da:fa:
da:57:a2:6f:6a:97:80:d4:64:2a:54:db:52:4c:2a:
dc:1a:9e:bf:b3:27:0a:9a:96:3a:58:27:cc:66:fd:
a7:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:AF:AA:3D:C8:22:73:C0:8A:EC:A3:34:EF:A5:D0:91:A6:17:99:2E
X509v3 Authority Key Identifier:
keyid:A2:44:A5:C2:2B:B0:D1:B7:2E:DB:BE:DF:D5:A7:B2:60:79:22:33:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/okSlwiuw0bcu277f1aeyYHkiM0o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/c45e69-fd97-4c4f-b663-84146079d0b9/1/S6-qPcgic8CK7KM076XQkaYXmS4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/c45e69-fd97-4c4f-b663-84146079d0b9/1/okSlwiuw0bcu277f1aeyYHkiM0o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.215.124.0/22
Signature Algorithm: sha256WithRSAEncryption
06:52:cd:4e:8d:21:68:cf:33:15:5f:4c:08:9e:3b:6b:38:b7:
0f:21:99:d7:f6:45:b2:a1:15:9c:8c:c8:1b:5f:e6:af:b9:7f:
0b:76:4f:fb:07:00:8e:98:99:a1:fc:95:07:5f:cd:14:f9:32:
c7:12:22:c3:e8:ab:08:96:61:94:51:a1:3d:4d:24:24:c9:54:
a6:e2:4e:ed:01:4a:65:7b:26:82:97:49:3f:39:68:68:08:5b:
b1:04:96:19:13:82:3f:51:2d:2f:bc:2d:cc:02:94:1f:b2:ee:
a4:6b:e6:08:d6:d0:b8:19:d6:41:36:16:3f:c5:57:54:00:96:
60:c0:35:aa:59:87:ce:bd:88:1d:cb:f0:b0:1f:b9:bd:15:69:
76:c4:b9:42:09:22:76:a0:fd:ed:76:30:49:fd:96:27:61:49:
8e:3e:aa:0a:a3:70:ec:ad:0d:6a:14:3c:f1:c6:70:5f:be:f8:
46:5d:7f:62:f9:73:15:12:0a:9f:83:d8:75:1f:fd:e6:a6:f1:
5b:d9:76:e2:5e:27:d3:9f:d5:5b:2c:44:93:00:a0:b2:bd:c1:
60:51:7a:74:b3:07:58:b8:46:e7:b3:04:92:da:89:13:41:51:
d3:36:28:04:88:bc:38:77:7a:17:91:07:1e:c3:65:61:f4:16:
a0:19:19:47
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwZ1V32WCs9FE/D/mTSlV0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyNDRhNWMyMmJiMGQxYjcyZWRiYmVkZmQ1YTdiMjYwNzky
MjMzNGEwHhcNMjMwMTAyMDI1NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmFmYWEzZGM4MjI3M2MwOGFlY2EzMzRlZmE1ZDA5MWE2MTc5OTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtCDCxA8XRG9RQlKJPK0f+ztweNf4
AKAkaSdNZGpwoX+Kld9Flg7spftJRqBrVJxLHWcqkrav1jjDKhaQZqD1WHO3EpzN
YRQJgtqHr9rWwLRXfoMfk6Bsx6cpdKVoeEQAh7DNsFyYic8B+2XLy4GpBDdYBom3
BJ3S3ylKR/SEKAsOvvTTjXtBq9jTCj6PoiHWika1qZRnMRmw+G3ORYeyksq89UQF
sKW9LxLJzfae0e+7S1TjOVKCQfU0ZJh7msE+z5J2BbwNmxALU/yIHCLKTh79iFlL
l6oNMNHmFyDM2vraV6JvapeA1GQqVNtSTCrcGp6/sycKmpY6WCfMZv2nkQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEuvqj3IInPAiuyjNO+l0JGmF5kuMB8GA1UdIwQY
MBaAFKJEpcIrsNG3Ltu+39WnsmB5IjNKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2tTbHdpdXcwYmN1Mjc3ZjFhZXlZSGtpTTBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC9jNDVlNjktZmQ5Ny00YzRmLWI2NjMt
ODQxNDYwNzlkMGI5LzEvUzYtcVBjZ2ljOENLN0tNMDc2WFFrYVlYbVM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC9jNDVlNjktZmQ5Ny00YzRmLWI2NjMtODQxNDYwNzlkMGI5
LzEvb2tTbHdpdXcwYmN1Mjc3ZjFhZXlZSGtpTTBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCX9d8MA0G
CSqGSIb3DQEBCwUAA4IBAQAGUs1OjSFozzMVX0wInjtrOLcPIZnX9kWyoRWcjMgb
X+avuX8Ldk/7BwCOmJmh/JUHX80U+TLHEiLD6KsIlmGUUaE9TSQkyVSm4k7tAUpl
eyaCl0k/OWhoCFuxBJYZE4I/US0vvC3MApQfsu6ka+YI1tC4GdZBNhY/xVdUAJZg
wDWqWYfOvYgdy/CwH7m9FWl2xLlCCSJ2oP3tdjBJ/ZYnYUmOPqoKo3DsrQ1qFDzx
xnBfvvhGXX9i+XMVEgqfg9h1H/3mpvFb2XbiXifTn9VbLESTAKCyvcFgUXp0swdY
uEbnswSS2okTQVHTNigEiLw4d3oXkQcew2Vh9BagGRlH
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:14:40 2025 by rpki-client